Account deletion
Self-service deletion with a 30-day cooling-off window — what gets anonymised, what's retained, and the sole-member-org rule.
Under GDPR Article 17 you can delete your account self-service, with a 30-day cooling-off window so an impulsive click is reversible. The flow lives at Account → Delete account.
What deletion means
Norcube deletes by pseudonymisation: after the cooling-off window, your name, email, password, and avatar are permanently NULL-ed and your organization memberships removed. Your internal account UUID survives — the page explains why: "so that audit trails in other systems remain intact — you appear as 'Former user' wherever you used to appear." Signing in becomes impossible (there is no password anymore).
Before you can request it: sole-member organizations
If you're the only member of any organization, deleting your account would orphan it, so the page blocks the request and lists the conflicts under "Resolve these first". Two ways out, straight from the page:
- Close the organization — a Close organization button per conflicting org. Closing finalises its billing and cascade-deletes its data in every product — see Organizations → Close an organization.
- Hand it over — "Need to keep the organization but hand it over? Email [email protected] and we'll arrange a transfer of membership."
Request deletion
With no conflicts remaining, the Confirm section asks you to type your email address to enable the button, then Delete my account. The response: "Your account is now scheduled for deletion. You can cancel within the next 30 days."
The 30-day window
- Everything keeps working. You stay signed in and can use every product; the page shows the scheduled date and days remaining.
- Cancel any time from the same page — "Deletion cancelled. Your account is active again." — with no side effects.
- After the window closes there is no cancel. The anonymisation is permanent.
What happens at the end of the window
In order, automatically:
- A confirmation email is sent.
- Open billing is finalised — usage accrued during the window (including in orgs you closed) is invoiced normally.
- Your billing contact is anonymised on the payment processor's records; the customer object itself is retained for tax compliance.
- Memberships are removed — organizations with other members continue untouched.
- Personal fields are NULL-ed — name, email, password, avatar — and the account is marked anonymised.
What's retained, and why
- Invoices — for the retention tax law requires.
- Audit-log entries in all products — they resolve your identity live, so after deletion you appear as "Anonymized user" / "Former user" with no personal data attached. (Product audit logs themselves age out on their own schedules — e.g. one year in Backup.)
- The pseudonymous account UUID — referenced by historical records, containing nothing personal.
Everything else — the personal data itself — is gone.
Behaviour and edge cases
- One pending request at a time; cancel-and-re-request restarts the 30 days.
- Deletion is about your account. Organization data belongs to the organization — deleting your account never deletes an org that has other members. Closing orgs is the separate, explicit act.
- Export first if you want a copy of your data: Data export — after anonymisation there's nothing left to export.
Related
- Organizations — closing and handing over.
- Data export.